From 0104d80164e94cc0e63c5c7fe4fc4208dbc05538 Mon Sep 17 00:00:00 2001
From: Serge Hallyn
Date: Wed, 1 Nov 2023 13:53:06 -0500
Subject: [PATCH] github workflow: split host setup into separate script

Signed-off-by: Serge Hallyn
---
 .github/workflows/build.yml | 81 +++----------------------------------
 tools/setup-host.bash | 67 ++++++++++++++++++++++++++++++
 2 files changed, 72 insertions(+), 76 deletions(-)
 create mode 100755 tools/setup-host.bash
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 8223aad..b8c421b 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -17,98 +17,27 @@ jobs: uses: actions/setup-go@v3 with: go-version: 1.21 - - name: install dependencies - run: | - echo "options kvm tdp_mmu=N" | sudo tee /etc/modprobe.d/kvm-disable-tdp-mmu.conf - echo "options kvm_intel dump_invalid_vmcs=Y" | sudo tee /etc/modprobe.d/kvm-enable-dump_invalid_vmcs.conf - sudo apt-get update - sudo add-apt-repository -y ppa:puzzleos/dev - sudo apt-get -y install \ - bats cryptsetup-bin expect libacl1-dev libarchive-tools \ - libcryptsetup-dev libgpgme-dev libcap-dev \ - libdevmapper-dev liblxc-dev libpam0g-dev \ - libseccomp-dev libsquashfs-dev lxc lxc-dev make mtools\ - openssl pip pkgconf skopeo socat squashfuse swtpm jq \ - uidmap umoci qemu-utils qemu-system-x86 xorriso \ - ubuntu-dev-tools make gcc squashfs-tools sbsigntool \ - python3-yaml - sudo modprobe kvm - sudo adduser $(whoami) kvm - sudo chmod o+rw /dev/kvm - sudo systemctl restart user@$(id -u runner) - sudo systemctl start dbus - sudo pip install virt-firmware - echo "XXX some debug" - cat /proc/self/status - ls -l /run/user - ls -l /dev/kvm - id -u - id -u runner - ps -ef - - name: setup lxc - run: | - chmod ugo+x $HOME - cat /etc/subuid /etc/subgid - u=$(id -un) && g=$(id -gn) - echo "u=$u g=$g" - uidmap=$(awk -F: '$1 == u { print $2, $3 }' "u=$u" /etc/subuid) - gidmap=$(awk -F: '$1 == g { print $2, $3 }' "g=$g" /etc/subgid) - if [ "$u" = "runner" ] && [ -z "$gidmap" ]; then - # 'id -gn' shows docker, but 'runner' is in subgid - g="runner" - gidmap=$(awk -F: '$1 == g { print $2, $3 }' "g=$g" /etc/subgid) - fi - echo "uidmap=$uidmap." - echo "gidmap=$gidmap." - [ -n "$uidmap" ] && [ -n "$gidmap" ] || - { echo "did not get uidmap or gidmap for u=$u g=$g"; exit 1; } - mkdir -p ~/.config/lxc/ - echo "writing .config/lxc/default.conf" - tee ~/.config/lxc/default.conf < /tmp/machined.out 2>&1 & timeout 60m make test timeout 20m bats tests/livecd1.bats timeout 20m bats tests/livecd2.bats + - name: show journal output if: always() run: | 
diff --git a/tools/setup-host.bash b/tools/setup-host.bash
new file mode 100755
index 0000000..efb60cc
--- /dev/null
+++ b/tools/setup-host.bash
@@ -0,0 +1,67 @@
+#!/bin/bash
+
+# Set up a host to be ready for building and testing project-machine
+mkdir -p ~/bin
+
+echo "options kvm tdp_mmu=N" | sudo tee /etc/modprobe.d/kvm-disable-tdp-mmu.conf
+echo "options kvm_intel dump_invalid_vmcs=Y" | sudo tee /etc/modprobe.d/kvm-enable-dump_invalid_vmcs.conf
+
+sudo apt-get update
+sudo add-apt-repository -y ppa:puzzleos/dev
+sudo apt-get -y install \
+ bats cryptsetup-bin expect libacl1-dev libarchive-tools \
+ libcryptsetup-dev libgpgme-dev libcap-dev \
+ libdevmapper-dev liblxc-dev libpam0g-dev \
+ libseccomp-dev libsquashfs-dev lxc lxc-dev make mtools\
+ openssl pip pkgconf skopeo socat squashfuse swtpm jq \
+ uidmap umoci qemu-utils qemu-system-x86 xorriso \
+ ubuntu-dev-tools make gcc squashfs-tools sbsigntool \
+ python3-yaml
+sudo modprobe kvm
+sudo adduser $(whoami) kvm
+sudo chmod o+rw /dev/kvm
+sudo systemctl restart user@$(id -u runner)
+sudo systemctl start dbus
+sudo pip install virt-firmware
+
+wget -O ~/bin/stacker --progress=dot:mega https://github.com/project-stacker/stacker/releases/download/v1.0.0-rc5/stacker
+chmod 755 ~/bin/stacker
+
+wget -O ~/bin/skopeo --progress=dot:mega https://github.com/project-machine/tools/releases/download/v0.0.1/skopeo
+chmod 755 ~/bin/skopeo
+sudo cp -f ~/bin/skopeo /usr/bin/skopeo
+
+wget -O ~/bin/machine --progress=dot:mega https://github.com/project-machine/machine/releases/download/v0.1.2/machine-linux-amd64
+wget -O ~/bin/machined --progress=dot:mega https://github.com/project-machine/machine/releases/download/v0.1.2/machined-linux-amd64
+chmod 755 ~/bin/machine ~/bin/machined
+mkdir -p ~/.config/systemd/user/
+export PATH=~/bin:$PATH
+
+mkdir -p /run/user/$(id -u)/containers
+chmod go+rx /run/user/$(id -u)
+chmod go+rx /run/user/$(id -u)/containers
+
+chmod ugo+x $HOME
+cat /etc/subuid /etc/subgid
+u=$(id -un)
+g=$(id -gn)
+echo "u=$u g=$g"
+uidmap=$(awk -F: '$1 == u { print $2, $3 }' "u=$u" /etc/subuid)
+gidmap=$(awk -F: '$1 == g { print $2, $3 }' "g=$g" /etc/subgid)
+if [ "$u" = "runner" ] && [ -z "$gidmap" ]; then
+ # 'id -gn' shows docker, but 'runner' is in subgid
+ g="runner"
+ gidmap=$(awk -F: '$1 == g { print $2, $3 }' "g=$g" /etc/subgid)
+fi
+echo "uidmap=$uidmap."
+echo "gidmap=$gidmap."
+[ -n "$uidmap" ] && [ -n "$gidmap" ] || \
+ { echo "did not get uidmap or gidmap for u=$u g=$g"; exit 1; }
+mkdir -p ~/.config/lxc/
+tee ~/.config/lxc/default.conf <